package com.example.springboot.common.config;

import cn.hutool.core.util.StrUtil;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.example.springboot.common.ResultCode;
import com.example.springboot.domain.po.Account;
import com.example.springboot.exception.CustomException;
import com.example.springboot.service.AdminService;
import com.example.springboot.service.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
 * @Author：伐柯梦姝
 * @Package：com.example.springboot.common.config
 * @Project：springboot
 * @name：JwtInterceptor
 * @Date：2025/2/5 15:27
 * @Filename：JwtInterceptor
 * @for:
 */

/**
 * jwt拦截器
 */
@Component
public class JwtInterceptor implements HandlerInterceptor {

       private static final Logger log = LoggerFactory.getLogger(JwtInterceptor.class);

       @Resource
       private AdminService adminService;
       @Resource
       private UserService userService;

       @Override
       public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
              // 1. 从http请求的header中获取token
              String token = request.getHeader("token");
              if (StrUtil.isBlank(token)) {
                     // 如果没拿到，我再去参数里面拿一波试试  /api/admin?token=xxxxx
                     token = request.getParameter("token");
              }
              // 2. 开始执行认证
              if (StrUtil.isBlank(token)) {
                     throw new CustomException(ResultCode.TOKEN_INVALID_ERROR);
              }
              Account user = null;
              try {
                     String userRole = JWT.decode(token).getAudience().get(0);
                     String userId = userRole.split("-")[0];
                     String role = userRole.split("-")[1];
                     // 根据token中的userid查询数据库
                     if ("1".equals(role)) {
                            user = adminService.findById(Integer.valueOf(userId));
                     }
                     if ("2".equals(role)) {
                            user = userService.findById(Integer.valueOf(userId));
                     }

              } catch (Exception e) {
                     throw new CustomException(ResultCode.TOKEN_CHECK_ERROR);
              }
              if (user == null) {
                     throw new CustomException(ResultCode.USER_NOT_EXIST_ERROR);
              }
              try {
                     // 用户密码加签验证 token
                     JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256(user.getPassword())).build();
                     jwtVerifier.verify(token); // 验证token
              } catch (JWTVerificationException e) {
                     throw new CustomException(ResultCode.TOKEN_CHECK_ERROR);
              }
              return true;
       }
}
